问题
I am trying to create a separate docker-compose for production, currently I only have one compose file which I use for local development, but to make one for production, I don't know what attributes to remove aside volumes and ports
my current dev compose file looks like this:
version: '3'
services:
db:
container_name: mariadb
build:
context: ./mariadb
volumes:
- ./mariadb/scripts:/docker-entrypoint-initdb.d
- ./.data/db:/var/lib/mysql
- ./logs/mariadb:/var/log/mysql
environment:
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
MYSQL_DATABASE: ${MYSQL_DATABASE}
MYSQL_USER: ${MYSQL_USER}
MYSQL_PASSWORD: ${MYSQL_PASSWORD}
ports:
- '${MYSQL_PORT:-3306}:3306'
command:
'mysqld --innodb-flush-method=fsync'
networks:
- default
restart: always
php-fpm:
container_name: php
build:
context: ./php7-fpm
args:
TIMEZONE: ${TIMEZONE}
volumes:
- ${APP_PATH}:/var/www/app
- ./php7-fpm/config/php.ini:/usr/local/etc/php/php.ini
environment:
DB_HOST: db
DB_PORT: 3306
DB_DATABASE: ${MYSQL_DATABASE}
DB_USERNAME: ${MYSQL_USER}
DB_PASSWORD: ${MYSQL_PASSWORD}
depends_on:
- db
networks:
- default
restart: always
nginx:
container_name: nginx
build:
context: ./nginx
args:
- 'php-fpm'
- '9000'
volumes:
- ${APP_PATH}:/var/www/app
- ./logs/nginx/:/var/log/nginx
ports:
- "80:80"
- "443:443"
depends_on:
- php-fpm
networks:
- default
restart: always
networks:
default:
driver: bridge
回答1:
The exact list would depend on your environment/ops team requirements, but this is what seems to be useful besides ports/existing volumes:
Networks
The default network might not work for your prod environment. As an example, your ops team might decide to put nginx/php-fpm/mariadb on different networks like in the following example (https://docs.docker.com/compose/networking/#specify-custom-networks) or even use a pre-existing network
Mysql configs
They usually reside in a separate dir i.e. /etc/my.cnf and /etc/my.cnf.d.
These configs are likely to be different between prod/dev.
Can’t see it in your volumes paths
Php-fpm7
Haven’t worked with php-fpm7, but in php-fpm5 it also had a different folder with config files (/etc/php-fpm.conf and /etc/php-fpm.d) that is missing in your volumes. These files are also likely to differ once your handle even a moderate load (you’ll need to configure number of workers/timeouts etc)
Nginx
Same as for php-fpm, ssl settings/hostnames/domains configurations are likely to be different
Logging
Think on what logging driver might fit your needs best. From here:
Docker includes multiple logging mechanisms to help you get information from running containers and services. These mechanisms are called logging drivers.
You can easily configure it in docker-compose, here's an example bring up a dedicated fluentd container for logging:
version: "3"
services:
randolog:
image: golang
command: go run /usr/src/randolog/main.go
volumes:
- ./randolog/:/usr/src/randolog/
logging:
driver: fluentd
options:
fluentd-address: "localhost:24224"
tag: "docker.{{.ID}}"
fluentd:
build:
context: ./fluentd/
ports:
- "24224:24224"
- "24224:24224/udp"
回答2:
You should follow the Use Compose in production documentation:
You probably need to make changes to your app configuration to make it ready for production. These changes may include:
- Removing any volume bindings for application code, so that code stays inside the container and can’t be changed from outside
- Binding to different ports on the host
- Setting environment variables differently, such as when you need to decrease the verbosity of logging, or to enable email sending)
Specifying a restart policy like
restart: alwaysto avoid downtimeAdding extra services such as a log aggregator
来源:https://stackoverflow.com/questions/52745320/what-are-the-docker-compose-settings-that-should-be-removed-for-production